[kwlug-disc] migrating a user/group setup from system to system
Robert P. J. Day
rpjday at crashcourse.ca
Sat Sep 19 10:53:27 EDT 2009
On Sat, 19 Sep 2009, john at netdirect.ca wrote:
> -----kwlug-disc-bounces at kwlug.org wrote: -----
> >From: "Robert P. J. Day" <rpjday at crashcourse.ca>
> > first, moving the existing user/group configuration -- what does
> >that involve? it's not just blindly copying files like /etc/passwd,
> >/etc/group and so on since, unless you take care to sync the UIDs and
> >GIDs of software packages, those IDs are most likely not going to
> >match across the systems.
> The Linuxes that I use keep the same UIDs between installs. In other
> words the 'www' user (for apache) has the same UID on difference
> installs. Is yours different?
as far as i can tell on debian, all of the UIDs up to 99 will be
consistent. however, from 100-999, those UIDs appear to be allocated
during package installation and it appears to be first come, first
served. on the two systems i'm looking at, the numbers in that range
are *noticeably* different. and from 1000 on, not surprisingly, you
have the user accounts.
based on what i've read, if you have an entry for a software package
in /etc/passwd already, that number will be retained during package
installation, so there's an advantage to copying over /etc/passwd in
its entirety before you install those packages. on the other hand, if
you did a fresh install, then it's too late as those package UIDs will
almost certainly differ as you subsequently install that software.
> Also keep in mind that other files control authentication as well.
> There may be .ssh/authorized_keys, .htaccess, mysql and others that
> you use for authentication and I hope you don't have .rhosts or
> There are authentication configuration files in /etc/pam and user
> database configuration in /etc/nsswitch.conf. You may need to
> configure /etc/ssh/sshd_config if you've made changes. New user
> defaults are in /etc/skel and /etc/default.
> You might also consider moving /etc/ssh/ssh_host_* files. If you
> have a lot of automated logins moving these will help out.
yes, i realize that, and all of that will be part of the individual
configuration of those features/packages. i just wanted to get the
fundamental users and groups duplicated across to the new system.
Robert P. J. Day Waterloo, Ontario, CANADA
Linux Consulting, Training and Annoying Kernel Pedantry.
Web page: http://crashcourse.ca
More information about the kwlug-disc_kwlug.org